Under what circumstances can a vtable pointer be null (or 0x1)?

Question

I am currently debugging a crashlog. The crash occurs because the vtable pointer of a (c++-) object is 0x1, while the rest of the object seems to be ok as far as I can tell from the crashlog.

The program crashes when it tries to call a virtual method.

My question: Under what circumstances can a vtable pointer become null? Does operator delete set the vtable pointer to null?

This occurs on OS X using gcc 4.0.1 (Apple Inc. build 5493).

Answer 1

Could be a memory trample - something writing over that vtable by mistake. There is a nearly infinite amount of ways to "achieve" this in C++. A buffer overflow, for example.

Answer 2

Any kind of undefined behaviour you have may lead to this situation. For example:

• Errors in pointer arithmetic or other that make your program write into invalid memory.
• Uninitialized variables, invalid casts...
• Treating an array polymorphically might cause this as a secondary effect.
• Trying to use an object after delete.

See also the questions What’s the worst example of undefined behaviour actually possible? and What are all the common undefined behaviour that a C++ programmer should know about?.

Your best bet is to use a bounds and memory checker, as an aid to heavy debugging.